I need a way to pass a variable between two page in a secure way.

I know that I can use POST / GET / Cookie / Session or hidden fields but I think none of these ways aren't secure enough because :

get can be seen in the url
cookies is a client side so it can be change from client
session can confront Session ID hijacking and ...

Now I want to know is there another ways better than these ways and if there isn't witch of these is the best way to pass variables in secure manner;

Session is the most secure method you have available.

Session id regeneration will help against session hijacking, but SSL via https will really protect against it.

BTW: If the session is hijacked and you're displaying user data to the client, it doesn't matter how you got the data to the second page, the hijacker will see it. If you're only using it server side, the hijacker won't see it.

Passing variable values between pages using session is most secure

and Regenerate the session id by session_regenerate_id whenever the security level changes (such as logging in). You can even regenerate the session id every request if you wish.

Good Read

PHP Security Guide: Sessions

since session is server side, its the most secure way to pass the variables and to prevent session hijacking you can use session_regenerate_id function in php the manual: http://php.net/manual/en/function.session-regenerate-id.php

but that doesn't means you always use sessions to pass variables you still can use cookies, but encrypt the data before storing them in the cookies.

There is nothing wrong with using GET - as long as they are sanitised correctly... you can always combine get with a hash of the parameters to reduce the risk of it being tampered with, along with use of sessions to ensure they are also legitimate.